[tor-bugs] #18017 [Tor Browser]: Switch to NSS 3.19.2.2 to mitigate SLOTH attack (CVE-2015-7575)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 7 20:02:04 UTC 2016
#18017: Switch to NSS 3.19.2.2 to mitigate SLOTH attack (CVE-2015-7575)
-------------------------+-------------------------------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: Very | Milestone:
High | Version:
Component: Tor | Keywords: tbb-security, TorBrowserTeam201601,
Browser | tbb-5.5
Severity: | Parent ID:
Critical | Sponsor:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Mozilla thinks backporting the fix for CVE-2015-7575 is not important
enough and does not do it. I think giving our context we should do it,
though. Let's try switching to NSS 3.19.2.2 in the next release (end of
January).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18017>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list